package com.wex.cookbook.controller.userController;


import com.wex.cookbook.config.base.Result;
import com.wex.cookbook.dto.from.userInfo.LoginDto;
import com.wex.cookbook.dto.from.userInfo.LoginOutDto;
import com.wex.cookbook.dto.from.userInfo.RegisterDto;
import com.wex.cookbook.dto.from.userInfo.UpdateUserInfoDto;
import com.wex.cookbook.dto.to.userInfo.UserInfoDto;
import com.wex.cookbook.security.JwtTokenSecurityConfig;
import com.wex.cookbook.service.UserinfoService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.annotation.security.RolesAllowed;

/**
 * <p>
 * 用户信息表 前端控制器
 * </p>
 *
 * @author wex
 * @since 2023-10-16
 */
@RestController
@RequestMapping("/userinfo")
public class UserinfoController {
    @Autowired
    private UserinfoService userinfoService;

    @ApiOperation(value = "用户注册")
    @PostMapping(value = "/register")
    public Result<String> register(@Validated @RequestBody RegisterDto registerDto) {
        return userinfoService.register(registerDto);
    }

    @ApiOperation(value = "用户登录，用户可以使用用户名或者电话号码或者电子邮件登录")
    @PostMapping("/login")
    public Result<String> login(@Validated @RequestBody LoginDto loginDto) {
        String token = userinfoService.login(loginDto);
        return Result.success(token);
    }

    @ApiOperation(value = "用户登出")
    @PostMapping("/logout")
    public Result<String> logout(@Validated @RequestBody LoginOutDto loginDto) {
        //从在线账号清单中移除
        JwtTokenSecurityConfig.accountOnlineList.remove(loginDto.getUsername());
        return Result.success("登出成功");
    }

    @PreAuthorize(value = "hasAnyRole('ADMIN', 'USER') and #updateUserInfoDto.getUsername() == authentication.principal.username")
    @ApiOperation(value = "修改密码")
    @PostMapping("/updatePassword")
    public Result<String> updateUserInfoPassword(@RequestBody UpdateUserInfoDto updateUserInfoDto) {
        return userinfoService.updateUserInfoPassword(updateUserInfoDto);
    }

    @PreAuthorize(value = "hasAnyRole('ADMIN', 'USER') and #updateUserInfoDto.getUsername() == authentication.principal.username")
    @ApiOperation(value = "修改手机号码")
    @PostMapping("/updatePhone")
    public Result<String> updatePhone(@RequestBody UpdateUserInfoDto updateUserInfoDto) {
        return userinfoService.updateUserInfoPhone(updateUserInfoDto);
    }

    @PreAuthorize(value = "hasAnyRole('ADMIN', 'USER') and #updateUserInfoDto.getUsername() == authentication.principal.username")
    @ApiOperation(value = "修改邮箱")
    @PostMapping("/updateEmail")
    public Result<String> updateEmail(@RequestBody UpdateUserInfoDto updateUserInfoDto) {
        return userinfoService.updateUserInfoEmail(updateUserInfoDto);
    }

    @PreAuthorize(value = "hasAnyRole('ADMIN', 'USER')")
    @ApiOperation(value = "查看用户信息详情")
    @GetMapping("/getUserInfo/{username}")
    public Result<UserInfoDto> getUserInfo(@PathVariable String username) {
        return userinfoService.getUserInfo(username);
    }

    @PreAuthorize(value = "hasAnyRole('USER') and #username == authentication.principal.username")
    @ApiOperation(value = "注销")
    @GetMapping("/deleteUserInfo/{username}")
    public Result<String> deleteUserInfo(@PathVariable String username) {
        return userinfoService.deleteUserInfo(username);
    }

    @PreAuthorize("hasAnyRole('ADMIN', 'USER') and #updateUserInfoDto.getUsername() == authentication.principal.username")
    @ApiOperation(value = "修改用户信息")
    @PostMapping("/updateUserInfo")
    public Result<String> updateUserInfo(@RequestBody UpdateUserInfoDto updateUserInfoDto) {
        return userinfoService.updateUserInfo(updateUserInfoDto);
    }
}

